English
Related papers

Related papers: False Memory Formation in Continual Learners Throu…

200 papers

Explainable machine learning holds great potential for analyzing and understanding learning-based systems. These methods can, however, be manipulated to present unfaithful explanations, giving rise to powerful and stealthy adversaries. In…

Cryptography and Security · Computer Science 2022-04-21 Maximilian Noppel , Lukas Peter , Christian Wressnegger

Federated learning allows multiple users to collaboratively train a shared classification model while preserving data privacy. This approach, where model updates are aggregated by a central server, was shown to be vulnerable to poisoning…

Machine Learning · Computer Science 2020-12-17 Chien-Lun Chen , Leana Golubchik , Marco Paolieri

Most artificial intelligence models have limiting ability to solve new tasks faster, without forgetting previously acquired knowledge. The recently emerging paradigm of continual learning aims to solve this issue, in which the model learns…

Machine Learning · Computer Science 2018-06-01 Ju Xu , Zhanxing Zhu

Recently, backdoor attacks have become an emerging threat to the security of machine learning models. From the adversary's perspective, the implanted backdoors should be resistant to defensive algorithms, but some recently proposed…

Machine Learning · Computer Science 2024-07-23 Hoang Pham , The-Anh Ta , Anh Tran , Khoa D. Doan

Recent researches show that deep learning model is susceptible to backdoor attacks. Many defenses against backdoor attacks have been proposed. However, existing defense works require high computational overhead or backdoor attack…

Computer Vision and Pattern Recognition · Computer Science 2023-05-26 Mingfu Xue , Yinghao Wu , Zhiyu Wu , Yushu Zhang , Jian Wang , Weiqiang Liu

Given the computational cost and technical expertise required to train machine learning models, users may delegate the task of learning to a service provider. We show how a malicious learner can plant an undetectable backdoor into a…

Machine Learning · Computer Science 2024-11-12 Shafi Goldwasser , Michael P. Kim , Vinod Vaikuntanathan , Or Zamir

Split learning is a collaborative learning design that allows several participants (clients) to train a shared model while keeping their datasets private. Recent studies demonstrate that collaborative learning models, specifically federated…

Cryptography and Security · Computer Science 2023-05-29 Behrad Tajalli , Oguzhan Ersoy , Stjepan Picek

Backdoor attacks on deep neural networks have emerged as significant security threats, especially as DNNs are increasingly deployed in security-critical applications. However, most existing works assume that the attacker has access to the…

Cryptography and Security · Computer Science 2024-08-22 Jiahao Wang , Xianglong Zhang , Xiuzhen Cheng , Pengfei Hu , Guoming Zhang

Backdoor attacks pose a persistent security risk to deep neural networks (DNNs) due to their stealth and durability. While recent research has explored leveraging model unlearning mechanisms to enhance backdoor concealment, existing attack…

Cryptography and Security · Computer Science 2025-10-16 Baogang Song , Dongdong Zhao , Jianwen Xiang , Qiben Xu , Zizhuo Yu

Backdoor attack intends to embed hidden backdoor into deep neural networks (DNNs), so that the attacked models perform well on benign samples, whereas their predictions will be maliciously changed if the hidden backdoor is activated by…

Cryptography and Security · Computer Science 2022-02-17 Yiming Li , Yong Jiang , Zhifeng Li , Shu-Tao Xia

With the success of deep learning algorithms in various domains, studying adversarial attacks to secure deep models in real world applications has become an important research topic. Backdoor attacks are a form of adversarial attacks on…

Computer Vision and Pattern Recognition · Computer Science 2019-12-24 Aniruddha Saha , Akshayvarun Subramanya , Hamed Pirsiavash

Federated learning is particularly susceptible to model poisoning and backdoor attacks because individual users have direct control over the training data and model updates. At the same time, the attack power of an individual user is…

Machine Learning · Computer Science 2022-10-18 Yuxin Wen , Jonas Geiping , Liam Fowl , Hossein Souri , Rama Chellappa , Micah Goldblum , Tom Goldstein

We investigate a new method for injecting backdoors into machine learning models, based on compromising the loss-value computation in the model-training code. We use it to demonstrate new classes of backdoors strictly more powerful than…

Cryptography and Security · Computer Science 2021-02-22 Eugene Bagdasaryan , Vitaly Shmatikov

Deep learning has come a long way and has enjoyed an unprecedented success. Despite high accuracy, however, deep models are brittle and are easily fooled by imperceptible adversarial perturbations. In contrast to common inference-time…

Computer Vision and Pattern Recognition · Computer Science 2020-05-14 Ali Borji

In recent years, machine learning models have been shown to be vulnerable to backdoor attacks. Under such attacks, an adversary embeds a stealthy backdoor into the trained model such that the compromised models will behave normally on clean…

Cryptography and Security · Computer Science 2022-10-18 Khoa D. Doan , Yingjie Lao , Ping Li

Deep learning models are vulnerable to backdoor attacks, where adversaries inject malicious functionality during training that activates on trigger inputs at inference time. Extensive research has focused on developing stealthy backdoor…

Cryptography and Security · Computer Science 2024-11-26 Jeongjin Shin , Sangdon Park

Backdoor attacks are rapidly emerging threats to deep neural networks (DNNs). In the backdoor attack scenario, attackers usually implant the backdoor into the target model by manipulating the training dataset or training process. Then, the…

Cryptography and Security · Computer Science 2022-05-09 Nan Zhong , Zhenxing Qian , Xinpeng Zhang

Continual learning algorithms are typically exposed to untrusted sources that contain training data inserted by adversaries and bad actors. An adversary can insert a small number of poisoned samples, such as mislabeled samples from…

Machine Learning · Computer Science 2023-11-21 Huayu Li , Gregory Ditzler

Self-supervised learning (SSL) models are vulnerable to backdoor attacks. Existing backdoor attacks that are effective in SSL often involve noticeable triggers, like colored patches or visible noise, which are vulnerable to human…

Computer Vision and Pattern Recognition · Computer Science 2025-04-04 Hanrong Zhang , Zhenting Wang , Boheng Li , Fulin Lin , Tingxu Han , Mingyu Jin , Chenlu Zhan , Mengnan Du , Hongwei Wang , Shiqing Ma

Backdoor attacks are dangerous and difficult to prevent in federated learning (FL), where training data is sourced from untrusted clients over long periods of time. These difficulties arise because: (a) defenders in FL do not have access to…

Machine Learning · Computer Science 2023-02-01 Shuaiqi Wang , Jonathan Hayase , Giulia Fanti , Sewoong Oh